Password theft highlights weak security

Hackers have been up to their tricks again it is reported today; as The Times reported on June 23rd, “Passwords belonging to British cabinet ministers, ambassadors and senior police officers have been traded online by Russian hackers.”

It went on to explain that: “Email addresses and passwords used by Justine Greening, the education secretary, and Greg Clark, the business secretary, are among stolen credentials of tens of thousands of government officials that were sold or bartered on Russian-speaking hacking sites. They were later made freely available.”

Clearly this is a major leak, and exposes all those affected to having their emails hacked and their secrets exposed.

And as the story went on to reveal, most people fail to follow advice and use complex passwords that might be harder to crack. It found, for example, that in the case of email accounts used by the police the three most common passwords were “police”, “password” and “police1”.

And why don’t people follow the advice? Because it’s just too hard to do. How can any human being commit to memory a complex password that may have to be changed regularly, and is just one of many he or she has to remember? Which is why most users end up with a small handful of passwords they tend to re-use across multiple online services. It’s the only way to stay sane…..

The answer to the problem, of course, is to use two-factor authentication, such as that offered by SecurEnvoy. Instead of relying on username and password for authentication, SecurEnvoy’s Tokenless ® technology sends a one-time code to the user’s mobile phone which they must key in as further proof of their identity.

Using this approach immediately robs the hackers of their rewards. What use is a username and password when you don’t have access to the user’s phone?

As SecurEnvoy has proven in hundreds of organisations, two-factor authentication can be introduced very quickly (in hours if required) and with virtually no administrative overhead.

Maybe it’s time for some Government departments and police forces to give it a try….it could save a lot of red faces.

Want to know how easy it can be? Click here to see how authentication can be made easy for anyone, anywhere, using any device at any time ……..

To read the full ‘Times’ article: click here

The post Password theft highlights weak security appeared first on SecurEnvoy Blog.

Leave a Reply